51.222.168.160
IP Intelligence Dossier
Your IP: 216.73.216.123
๐ค Witness AIThis summary was generated by AI and may contain inaccuracies. Verify critical details independently.
IP Intelligence Briefing: 51.222.168.160
Date: 2026-06-14
---
**Key Findings**
- Risk Profile: Moderate risk (score: 40) with no direct malicious indicators.
- Ownership: Hosted by OVH (ASN 16276) under Ahrefs Pte Ltd.
- Geolocation: Registered to Canada (QC region) but resolves to Singapore (potential discrepancy).
- Network Role: Cloud infrastructure (OVH CloudCompute) with no residential/mobile ties.
- Threat Indicators: No known malware, spam, or exploit activity.
---
**Observation History**
- DNS: Resolves to `proxy-ca018-san160.ahrefs.net` (ahrefs.net).
- Network Classification: Subnet 51.222.168.0/24 classified as "high_abuse" with 53.2% abuse density.
- BGP: Stable route with OVH, no recent changes.
---
**Relationships**
- Linked to OVH-CUST-281059697 network.
- No direct ties to known malicious organizations or domains.
---
**Neighborhood Risk**
- Subnet: 51.222.168.0/24 (256 IPs).
- Abuse Density: 53.2% (133/250 IPs flagged as threats).
- Active Siblings: 193 IPs, with 133 showing malicious activity.
---
**Recommended Actions**
- Firewall Blocking:
```bash
iptables -A INPUT -s 51.222.168.160 -j DROP
nft add rule inet filter input ip saddr 51.222.168.160 drop
```
- WAF Rules:
- Cloudflare: Block IP with rule `ip.src eq 51.222.168.160`.
- AWS WAF: Add `51.222.168.160/32` to a new rule.
---
**Notes**
- Despite moderate risk, the IP is part of a high-abuse subnet. Monitor neighbors for lateral movement.
- Geolocation discrepancy (Canada vs. Singapore) may require further verification.
- No direct threat indicators, but subnet-level risk warrants cautious monitoring.
Source: IPDebrief Threat Intelligence Platform.
This summary was generated by AI and may contain inaccuracies. Verify critical details independently.
๐ข Ownership & Registration
| Organization | Dmytro, Ahrefs Pte Ltd |
| ASN | AS16276 |
| Network Name | OVH-CUST-281059697 |
| CIDR Block | 51.222.168.0/24 |
| RIR | ARIN |
| Country | Singapore |
| Abuse Contact | โ |
๐ DNS Intelligence
| PTR | proxy-ca018-san160.ahrefs.net |
| Forward Confirmed | No โ PTR hostname does not resolve back to this IP (weak signal) |
| Forward Hostnames | proxy-ca018-san160.ahrefs.net |
๐ DNS Hygiene
| Hygiene Score | 40% (Fair) |
| SPF | Not configured |
| DMARC | Not configured |
| FCrDNS | Not verified |
| DNSSEC | Valid |
| CAA | Present |
โ๏ธ Network Classification
| Infrastructure | Infrastructure / Datacenter |
| Service Purpose | Firewalled / No Services |
| Network Tier | Hosting โ Infrastructure provider without advanced routing |
๐ Services & Open Ports
| Port | Service | Protocol | Banner |
|---|---|---|---|
| No open ports detected | |||
| Closed Ports | 22, 25, 80, 443, 3389, 8080, 8443 (0 open / 7 scanned) | ||
| Server | โ |
| HTTP Title | โ |
๐ TLS Certificate
No certificate
Issued by โ
N/A
| SANs | None |
| Valid From | โ |
| Valid Until | โ |
๐ฏ Confidence Breakdown
Per-dimension confidence scores based on source diversity and data freshness
| Dimension | Score | Sources | Observations |
|---|---|---|---|
| threat | 26% | 2 | 4 |
| routing | 13% | 1 | 1 |
| services | 15% | 2 | 2 |
| ownership | 19% | 2 | 2 |
| reputation | 28% | 1 | 3 |
| geolocation | 23% | 2 | 2 |
| Overall | 21% | 10 | 14 |
Coverage: 6/6 dimensions ยท Data sufficiency: sufficient
| Data Coherence | Consistent (100%) |
| Attribution | Moderate (50%) |
| OwnershipFCrDNSGeo ConsensusGeo PlausibleIRR MatchRPKI Valid |
๐ Observation Timeline ๐ Live
| First Seen | 2026-05-08 17:18:08 UTC |
| Last Seen | 2026-06-27 14:00:25 UTC |
| Profile Built | 2026-06-28 08:04:43 UTC |
| Data Freshness | Live |
| Signal Types | 21 |
| Total Observations | 27 |
๐ 21 signal types ยท 27 observations collected
This report is generated from 21+ independent intelligence signals including
ownership records, DNS analysis, BGP routing, TLS certificates, port scanning, threat feeds,
behavioral fingerprinting, and more.
Full dossier details are available via our API.
Full dossier details are available via our API.
โน๏ธ About This Report
All data shown is publicly available network metadata โ IP addresses do not reliably identify individuals.
Assessments are probabilistic and should not be used as sole basis for access control decisions.
To report an issue or request data review, contact admin@ipdebrief.com.